Application Security Engineer - Federal / US Government

About Verkada

At Verkada, we’re rethinking what it means to be physically safe. Today, we build security cameras that detect action, identify danger and help keep people and places safe and secure. Using a combination of software and hardware, we’re transforming an industry that has seen little innovation for decades—and we already support thousands of customers. But this is just the beginning. We envision a world in which security systems feel as seamless and modern as the organizations they protect and our enterprise solution becomes a model for not just business security, but public security as well.

Responsibilities:

• Facilitate the security baked into our applications throughout the software development lifecycle
• Evangelize software security best practices through training and information sharing
• Partner closely with engineering and product teams to improve the security of Verkada’s products and exceed customers’ expectations
• Explore innovative solutions to enable Verkada business instead of “Security says No”
• Collaborate with other engineering leaders to define, communicate, and execute on goals, priorities and process
• Set up security tooling and secure defaults to ensure software security best practices
• Perform architecture analysis, threat modeling and technical design reviews of sensitive features and infrastructure
• Create and operate a bug bounty program
• Triage and recommend solutions for security bugs from tools, third party assessments and bug bounties
• Collaborate with the CISO and security team to grow the broader Verkada security program
• Share your security experience with other teams internally and externally via security conferences and blogs
• Help your peer engineers grow their own security reasoning and knowledge

Qualifications:

• Ability to successfully pass a background screening in accordance with CJIS security standards 
• Eligibility to onboard into AWS GovCloud production environments
• Bachelor of Science in Computer Science degree or equivalent
• Strong experience with AWS, GCP or other cloud service provider
• 7 - 10+ years of experience as a security engineer, software engineer, site reliability engineer, or security consultant
• Understanding of security weaknesses, exploits, attacks and mitigations
• Experience and enthusiasm for learning about new security products, features, and strategies;
• Coding ability. You will sometimes write production Python/Go code, security peer review code, build proofs of concept or implement automation scripts
• Excellent collaborative skills
• Outstanding written and verbal communication
• Experience with most of the following: Security Development Lifecycle, Threat Modeling, Architecture Analysis, Technical Design Review, Security Code Review, Open Policy Agent, SIEM

Perks & Benefits:

• Generous company paid medical, dental & vision insurance coverage 
• Unlimited paid time off & 11 companywide paid holidays 
• Wellness allowance 
• Commuter benefits 
• Healthy lunches and dinners provided daily 
• Generous paid parental leave policy & fertility benefits

As an equal opportunity employer, Verkada is committed to providing employment opportunities to all individuals. All applicants for positions at Verkada will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.

Your application will be handled in accordance with our Candidate Privacy Policy.